jamesashpe.netlify.app/weber-county-plat-maps/
34.141.72.9301 Moved Permanently 69 B URL HTTP/1.1 jamesashpe.netlify.app/weber-county-plat-maps/
IP 34.141.72.9:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with no line terminators
Hash 1d3f5c4a32019fccc8b499a2a32b2aa9
42532bddd9a9f8d2ac7d77b5c3f2e39466d2da8e
0a63d9000c824ce5176b91814de3f3a3275cb46af10dc592d87ee535ecf5b788
GET /weber-county-plat-maps/ HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://jamesashpe.netlify.app/weber-county-plat-maps/
Server: Netlify
X-Nf-Request-Id: 01GPR8ZEDKE1J0XKB1H5XJFPZZ
Date: Sat, 14 Jan 2023 13:54:47 GMT
Content-Length: 69
Content-Type: text/plain; charset=utf-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12790
Expires: Sat, 14 Jan 2023 17:27:57 GMT
Date: Sat, 14 Jan 2023 13:54:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7081
Expires: Sat, 14 Jan 2023 15:52:48 GMT
Date: Sat, 14 Jan 2023 13:54:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 13:48:55 GMT
content-type: application/json
age: 352
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7520
Expires: Sat, 14 Jan 2023 16:00:07 GMT
Date: Sat, 14 Jan 2023 13:54:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1Wlgc9zw6OhcbgjmIRcuoFe5/RBnki2sgMDlZr+YGlw/28AY6welBwfDdluWkRIH8iB5nlyZh3XjgfSwOKDZcg==
x-amz-request-id: R4DSZS3CJ9NWQGD7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 13:43:45 GMT
age: 662
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash ad44fdf892ab547da4f0297c5992e655
a755d380069df0d19abe0158fb05b4e4312e54f6
141bc6b7bb0b3ae3ed54e0d384bcf13102482ecf7b966f45e61b895522169b1d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5200
Cache-Control: max-age=160732
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:47 GMT
Etag: "63c270b3-13a"
Expires: Mon, 16 Jan 2023 10:33:39 GMT
Last-Modified: Sat, 14 Jan 2023 09:06:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 13:54:47 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 13:17:25 GMT
age: 2243
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 087971e4912a6c829deb60511a8e5fbd
114fdd591d2f06d91b2de5a8ccdfcf3f17c2cf38
b1a12bbe968ffe498e052e8dc146b6e174f78be1142ab9bfee31474f16f29393
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B1A12BBE968FFE498E052E8DC146B6E174F78BE1142AB9BFEE31474F16F29393"
Last-Modified: Fri, 13 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=921
Expires: Sat, 14 Jan 2023 14:10:09 GMT
Date: Sat, 14 Jan 2023 13:54:48 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1830
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Last-Modified: Sat, 14 Jan 2023 13:24:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
pl15637392.profitablegate.com/39/14/ae/3914ae10bf633009de6069ed0bb8ca33.js
173.233.139.164200 OK 21 kB URL HTTP/1.1 pl15637392.profitablegate.com/39/14/ae/3914ae10bf633009de6069ed0bb8ca33.js
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (60132), with no line terminators
Hash a904c49f8d2ca08ccf3697e27399688e
663de691a2fc055446c61479f29b83b590df8603
7e250b933a08617bac1747341e477f511539dc0d07fe9355cc9a904f1b52b866
GET /39/14/ae/3914ae10bf633009de6069ed0bb8ca33.js HTTP/1.1
Host: pl15637392.profitablegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d867a7601e72d3b2eb2d567d2de585cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl15637520.profitablegate.com/a9/81/cc/a981cc90b26126cbeaa22d88f6178a02.js
173.233.137.44200 OK 13 kB URL HTTP/1.1 pl15637520.profitablegate.com/a9/81/cc/a981cc90b26126cbeaa22d88f6178a02.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (37113), with no line terminators
Hash af3bce5cda57596c78e483454ab8245f
1fd91e19e84ed472af0255d2642186cba61a6d4b
739a5b5862142f5c43cb91711f7de92d2709a712051520c5621484d760f111db
GET /a9/81/cc/a981cc90b26126cbeaa22d88f6178a02.js HTTP/1.1
Host: pl15637520.profitablegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab637dc38c37457aa2119d1a8b3ac92b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jamesashpe.netlify.app/wp-content/themes/iconic-one/custom.css
34.141.11.154404 Not Found 1.2 kB URL HTTP/2 jamesashpe.netlify.app/wp-content/themes/iconic-one/custom.css
IP 34.141.11.154:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Hash 3530ab3fb068ffb26ab9b3e9184cfcbe
5abe9ee23f42cb727de0567589872f2f5aad57c7
18c9246dec79e05803b6c95c0247f989bf655c1e1809d591b2be37f8bf6f2e22
GET /wp-content/themes/iconic-one/custom.css HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: 1592756346-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZFW9QETA62HKWZGK3C4K
content-length: 1245
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76237ec279f24af78ed3bdc74ae6b65e
863b83d52ad01b97e03127b8f7303e75d79e2978
0b270314f74ba5dc8288d46482ea4e08b2b701326382ad16e88fbf73762dac3e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0B270314F74BA5DC8288D46482EA4E08B2B701326382AD16E88FBF73762DAC3E"
Last-Modified: Fri, 13 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7345
Expires: Sat, 14 Jan 2023 15:57:13 GMT
Date: Sat, 14 Jan 2023 13:54:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.co.weber.ut.us/gis/images/st_guidemap.jpg
204.152.132.23404 Not Found 2.2 kB URL HTTP/1.1 www.co.weber.ut.us/gis/images/st_guidemap.jpg
IP 204.152.132.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 98d0c68f68b59e84f64f452e28c27fa8
cb179f9826c44b90fadb3ae95e1ddc166e58dfdd
c53771e7911e3673ee58ff07c23afde463c93005b556172183c0bb7185a351a1
GET /gis/images/st_guidemap.jpg HTTP/1.1
Host: www.co.weber.ut.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.16
Content-Length: 2174
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.co.weber.ut.us/gis/images/Precinct_Map_South.jpg
204.152.132.23404 Not Found 2.2 kB URL HTTP/1.1 www.co.weber.ut.us/gis/images/Precinct_Map_South.jpg
IP 204.152.132.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 98d0c68f68b59e84f64f452e28c27fa8
cb179f9826c44b90fadb3ae95e1ddc166e58dfdd
c53771e7911e3673ee58ff07c23afde463c93005b556172183c0bb7185a351a1
GET /gis/images/Precinct_Map_South.jpg HTTP/1.1
Host: www.co.weber.ut.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.16
Content-Length: 2174
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
142.250.74.35200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:12 GMT
expires: Sat, 13 Jan 2024 13:33:12 GMT
cache-control: public, max-age=31536000
age: 87696
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.165.255.253101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.255.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h81iy7AihkmOfmjoCyJnHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oBzOY8tMZ4afhVt9rGMZJCWTjSQ=
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
142.250.74.35200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 03:18:10 GMT
expires: Mon, 08 Jan 2024 03:18:10 GMT
cache-control: public, max-age=31536000
age: 556598
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 13:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
server.arcgisonline.com/ArcGIS/rest/services/World_Imagery/MapServer/tile/9/191/97
143.204.55.40200 OK 19 kB URL HTTP/1.1 server.arcgisonline.com/ArcGIS/rest/services/World_Imagery/MapServer/tile/9/191/97
IP 143.204.55.40:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 9e5ad681c6c0dcbc4a3eb425a0c5f05f
5c554f93f08671ca342668d26d261885218624a4
44240b96cd811be8d698f836988d29db8e51b4de639f956a53583f894811756b
GET /ArcGIS/rest/services/World_Imagery/MapServer/tile/9/191/97 HTTP/1.1
Host: server.arcgisonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 18909
Connection: keep-alive
Date: Sat, 14 Jan 2023 13:54:48 GMT
Server: Apache
ETag: "am4l5rvv52ruf"
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
X-Robots-Tag: noindex
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xv4iJxqGaf_pdGBUXUTvWK4stNiZ8fFZQLLIO0nawr3N4JJfuGjFZQ==
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 736c958448b6596d24bb99f0cf0b232d
c8137445dd9df3a26faeead5af609bf1a51654cf
f625ce9a12c763fcaa2fff8d6410de8f9f0ea6673531e6fc6d00e0f4ffe7a17d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 13:54:48 GMT
Last-Modified: Sat, 14 Jan 2023 13:40:44 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 39ZnBa7bp8-p5CCOMOjtVtkaEsNLnD6RYsyUdWEr6zAO0fsGJiu_pg==
Age: 844
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 736c958448b6596d24bb99f0cf0b232d
c8137445dd9df3a26faeead5af609bf1a51654cf
f625ce9a12c763fcaa2fff8d6410de8f9f0ea6673531e6fc6d00e0f4ffe7a17d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 13:54:48 GMT
Last-Modified: Sat, 14 Jan 2023 13:44:40 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dDR9pNWWu8uoZ5luFqunvdLP1PuzEOITcbFCQA594vFPy6zQeDu5yg==
Age: 608
simplewebanalysis.com/stats
52.28.184.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash 766bfe82190f15fe0630384059309f03
49142e74aff4fbb0a74ee6b077203d4d7bc19d26
d685b08c582702c6b94381f98d54f3d4b2d789f804ea25468098667be6120f87
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://jamesashpe.netlify.app
access-control-allow-credentials: true
set-cookie: uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; expires=Tue, 11 Jan 2033 13:54:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.familysearch.org/wiki/en/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png
45.223.164.251301 Moved Permanently 185 B URL HTTP/2 www.familysearch.org/wiki/en/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png
IP 45.223.164.251:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4c555068310076e85908835c721911f5
9ec990aabb4391e139034f68e5e657e0f1d0b74d
568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510
GET /wiki/en/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png HTTP/1.1
Host: www.familysearch.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 185
date: Sat, 14 Jan 2023 13:54:48 GMT
server: nginx/1.14.2
location: https://www.familysearch.org/en/wiki/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self' https://*.familysearch.org https://*.familysearch.psdops.com https://*.church.brightspot.cloud
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: mJBshy83G0hoR0xxeMaGlqTVDHQe8uFaJBt079CtBybVTfc1VDbuzQ==
set-cookie: visid_incap_2852034=E9fDDc1bTxWHXz4zCyCPgye0wmMAAAAAQUIPAAAAAACoM9Lpa0CbwPk2PMFHv6aM; expires=Sat, 13 Jan 2024 22:32:33 GMT; HttpOnly; path=/; Domain=.familysearch.org
nlbi_2852034=ENONKIvNiWlr0ZtmFzy7qAAAAAA3dp1cS0Wrlseyrb9Oz1G+; path=/; Domain=.familysearch.org
incap_ses_720_2852034=V9wYSy5O9AoUnT+8BfX9CSi0wmMAAAAAQILxfMN1Np7Lnw4a9QrYhw==; path=/; Domain=.familysearch.org
x-cdn: Imperva
x-iinfo: 14-229014194-229014196 NNNN CT(1 4 0) RT(1673704487869 25) q(0 1 1 0) r(2 2) U5
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 57ec4e6fadbb9b0881c32067c086c656
ca04ba71362b10816df256008c924ec5359f2cb1
6b05918938b49c909cf1379e35d9b2de83cfad3b9fa01c5fe36690ed3c57e163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B05918938B49C909CF1379E35D9B2DE83CFAD3B9FA01C5FE36690ED3C57E163"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5537
Expires: Sat, 14 Jan 2023 15:27:06 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.28.184.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash 858293a77e28acb972ca2076324fa553
57863e1e1ad87e925b9a875c3c4717c4bc3b427a
e7421396f79c9e735ab1203afd694f4a25ec40ccb2cc0d86b2e7e5eafb569bd0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://jamesashpe.netlify.app
access-control-allow-credentials: true
set-cookie: uid_id2=61fc771f-056a-4be9-83ac-def34161a059:1:1; expires=Tue, 11 Jan 2033 13:54:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.co.weber.ut.us/gis/images/parcel_map_lower_north.jpg
204.152.132.23404 Not Found 2.2 kB URL HTTP/1.1 www.co.weber.ut.us/gis/images/parcel_map_lower_north.jpg
IP 204.152.132.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 98d0c68f68b59e84f64f452e28c27fa8
cb179f9826c44b90fadb3ae95e1ddc166e58dfdd
c53771e7911e3673ee58ff07c23afde463c93005b556172183c0bb7185a351a1
GET /gis/images/parcel_map_lower_north.jpg HTTP/1.1
Host: www.co.weber.ut.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.16
Content-Length: 2174
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.co.weber.ut.us/gis/images/countybasemap.jpg
204.152.132.23404 Not Found 2.2 kB URL HTTP/1.1 www.co.weber.ut.us/gis/images/countybasemap.jpg
IP 204.152.132.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 98d0c68f68b59e84f64f452e28c27fa8
cb179f9826c44b90fadb3ae95e1ddc166e58dfdd
c53771e7911e3673ee58ff07c23afde463c93005b556172183c0bb7185a351a1
GET /gis/images/countybasemap.jpg HTTP/1.1
Host: www.co.weber.ut.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.16
Content-Length: 2174
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76237ec279f24af78ed3bdc74ae6b65e
863b83d52ad01b97e03127b8f7303e75d79e2978
0b270314f74ba5dc8288d46482ea4e08b2b701326382ad16e88fbf73762dac3e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0B270314F74BA5DC8288D46482EA4E08B2B701326382AD16E88FBF73762DAC3E"
Last-Modified: Fri, 13 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7344
Expires: Sat, 14 Jan 2023 15:57:13 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3e544cdaf3a9fa820c5d451b2057ec7
4f213c0524ec7a1d363242e5c38d4e1884ece419
9cd3016f5c919ac9a3f1c3fea68567c0c68752c24e406bc347c908b663c53725
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9CD3016F5C919AC9A3F1C3FEA68567C0C68752C24E406BC347C908B663C53725"
Last-Modified: Fri, 13 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Sat, 14 Jan 2023 19:54:30 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive
toxicrookie.com/pixel/purst?dl=0&th=0&sc=0&rs=1570&rd=1570&fd=939&bv=22.10.v.9&tmpl=70
173.233.137.52200 OK 0 B URL HTTP/1.1 toxicrookie.com/pixel/purst?dl=0&th=0&sc=0&rs=1570&rd=1570&fd=939&bv=22.10.v.9&tmpl=70
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1570&rd=1570&fd=939&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: toxicrookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.dynamospatial.com/static/images/parcel_coverage/weber-county-ut-parcel-data-coverage-map.png
157.230.203.39404 Not Found 5.8 kB URL HTTP/1.1 www.dynamospatial.com/static/images/parcel_coverage/weber-county-ut-parcel-data-coverage-map.png
IP 157.230.203.39:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash c17e3bb3138336d5fbd371978082b319
84b1a1d8ed71fe38408fe718d91a9ca19950b586
efb599cb7b69a11837d1c117ed85b0126af29724ee70ab800bac82f0fe40e293
GET /static/images/parcel_coverage/weber-county-ut-parcel-data-coverage-map.png HTTP/1.1
Host: www.dynamospatial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
server: meinheld/1.0.2
date: Sat, 14 Jan 2023 13:54:49 GMT
content-type: text/html; charset=utf-8
content-length: 5752
www.webercountyutah.gov/Surveyor/images/interactive.JPG
204.152.132.23200 OK 87 kB URL HTTP/1.1 www.webercountyutah.gov/Surveyor/images/interactive.JPG
IP 204.152.132.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 519x444, components 3\012- data
Hash b72a534bbfd26e6e3c81a6e6d00059d4
5731f3010a2b9ca7e26af96416bbd9b30c0e94d5
b9e27dbd90e425a91bb5402ace7d294d5efba11dcf1fdcabeaef09d0f8416be2
GET /Surveyor/images/interactive.JPG HTTP/1.1
Host: www.webercountyutah.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
Last-Modified: Wed, 22 Feb 2017 16:18:31 GMT
ETag: "1526d-54920d8f0e3c0"
Accept-Ranges: none
Content-Length: 86637
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.familysearch.org/en/wiki/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png
45.223.164.251200 OK 28 kB URL HTTP/2 www.familysearch.org/en/wiki/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png
IP 45.223.164.251:0
File type PNG image data, 200 x 243, 8-bit/color RGBA, non-interlaced\012- data
Hash d4dd3ac81a87daa64da3d8ae218929d6
d41eb7f67e9e1965ca13ae9c159f82e895c25f61
5df040c456f0547df6c670c08f02b90a49b15c7d6b276759bb6ae51cabfe8ccb
GET /en/wiki/img_auth.php/thumb/a/a0/Ut-weber.png/200px-Ut-weber.png HTTP/1.1
Host: www.familysearch.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jamesashpe.netlify.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 27859
date: Sat, 14 Jan 2023 13:54:49 GMT
server: nginx/1.14.2
x-content-type-options: nosniff
last-modified: Fri, 08 Jul 2016 16:46:04 GMT
x-request-id: 29f29356895dd155cff4cc70
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self' https://*.familysearch.org https://*.familysearch.psdops.com https://*.church.brightspot.cloud
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: NfDZLd1oMJNoVlJ-3uzHcxDby-HkdWACmYO2sPgtWdcRHMJkl10-6g==
set-cookie: visid_incap_2852034=E9fDDc1bTxWHXz4zCyCPgye0wmMAAAAAQUIPAAAAAACoM9Lpa0CbwPk2PMFHv6aM; expires=Sat, 13 Jan 2024 22:32:33 GMT; HttpOnly; path=/; Domain=.familysearch.org
nlbi_2852034=3ku3NqooaXwy0A+fFzy7qAAAAAAojrNf1lWAWixyXnEGWGvq; path=/; Domain=.familysearch.org
incap_ses_720_2852034=Y6FjBuR7/DYUnT+8BfX9CSi0wmMAAAAABXKwV3dlhQInClnTEUGDWw==; path=/; Domain=.familysearch.org
x-cdn: Imperva
x-iinfo: 14-229014194-229014206 NNNN CT(1 4 0) RT(1673704487869 244) q(0 0 0 0) r(4 4) U5
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4305ae4d0325234c6dd2cee15d317700
8f1441996550d5e9ef29b66e1d51c9dd9c7bd4e0
dd49cee1886f90d142b40c71c193b0ddc38ea800a61cef7538779413a0570e6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD49CEE1886F90D142B40C71C193B0DDC38EA800A61CEF7538779413A0570E6F"
Last-Modified: Thu, 12 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17542
Expires: Sat, 14 Jan 2023 18:47:11 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive
www.webercountyutah.gov/GIS/images/gis_map.PNG
204.152.132.23200 OK 538 kB URL HTTP/1.1 www.webercountyutah.gov/GIS/images/gis_map.PNG
IP 204.152.132.23:0
File type PNG image data, 499 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size 538 kB (538206 bytes)
Hash bbb21edd8ec8e9d06c8e3bbe9b09baff
e7c2644f7fc5f6b1f3c3c8333ecf5113a07f923e
71e5aee930927d84a518a79366fbbc0cc975cf4cc510fcb461b44afdbe325b06
GET /GIS/images/gis_map.PNG HTTP/1.1
Host: www.webercountyutah.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
Last-Modified: Wed, 21 Sep 2016 12:38:02 GMT
ETag: "8365e-53d03d0de9e80"
Accept-Ranges: none
Content-Length: 538206
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19811
Expires: Sat, 14 Jan 2023 19:25:00 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19811
Expires: Sat, 14 Jan 2023 19:25:00 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive
planesknob.com/sbar.json?key=a981cc90b26126cbeaa22d88f6178a02&uuid=579d0324-e18b-49d3-a831-fc9251e581f0%3A3%3A1
173.233.137.60200 OK 4.3 kB URL HTTP/1.1 planesknob.com/sbar.json?key=a981cc90b26126cbeaa22d88f6178a02&uuid=579d0324-e18b-49d3-a831-fc9251e581f0%3A3%3A1
IP 173.233.137.60:0
File type JSON data\012- , ASCII text, with very long lines (6027), with no line terminators
Hash d750666da03a6fe9b3ae157aeb549b87
8ab2074c933b8ae8883717771d2a10e9fb8487ef
bbe71bf61e5d86eb42e4ca853be013a2c00841d5b4717b5d5ad399607f069deb
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a981cc90b26126cbeaa22d88f6178a02&uuid=579d0324-e18b-49d3-a831-fc9251e581f0%3A3%3A1 HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:49 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jamesashpe.netlify.app
Access-Control-Allow-Origin: https://jamesashpe.netlify.app
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15537021; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; expires=Sat, 21 Jan 2023 13:54:49 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
uncs=1; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 15 Jan 2023 13:54:49 GMT; secure; SameSite=None
sleca981cc90b26126cbeaa22d88f6178a02=[3078189]; expires=Sat, 14 Jan 2023 13:54:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a892c121e59e05a61d69ae3ba940fc87
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19811
Expires: Sat, 14 Jan 2023 19:25:00 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d24ea1f095f492934a1f1c63f5d8590c
dade37148c9b9a941f93a8535d8ddc5de3952623
2d8e3f90eb347eb3479a6c5d20a1c2ca6a0560f335a6c6800948db2640e4c878
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8181
x-amzn-requestid: 7ada8fbd-58e6-4433-a532-b4a4ef93ac9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0paH-OIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-582529522dbb67ee728484f8;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AHjOmYxva5avyA3gt9DvYLas_B2ACimer5QRQOi919HDtSjnKq22lw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:36:45 GMT
age: 58684
etag: "dade37148c9b9a941f93a8535d8ddc5de3952623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 14:03:21 GMT
age: 85888
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64ba27a2f0a3bc61bd325f1fb317b755
c65c58476b66cbb6269ba1d8412d270a0a003ae3
5f7f03752f8a7c8c08d92512ae93b193ea37f59354503c3129d33fd2910f87e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9135
x-amzn-requestid: 2c5e9de0-9244-43ac-b7c4-712cbcf7038c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAnoG6roAMFzgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7afd-7fb640b30bab63bc1979a173;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:14:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RnAGo4OuBl5UjyOlUOJqu2nlFLHTOe0ETxokWtbI4frbpkNVnIBSew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 01:41:40 GMT
age: 43989
etag: "c65c58476b66cbb6269ba1d8412d270a0a003ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1378f107c1996ade14a8fe7fd728072
f52d98d9a0d1d343a539689ea14acf99e148cf8c
4be994757ec7ec42929590169de199e927889261334e258903a0929a1055047d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9154
x-amzn-requestid: fbb1140d-7ec2-4f86-8761-5d04601af70e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAkCEN2IAMFuMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ae6-4baebf1104f9cf2a0ee8a538;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jlRcVyQppaQaPPMKaqadtaEHfdOYXXXbnfrr44l_2E2qaOoh_O0Mog==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 04:21:52 GMT
age: 34377
etag: "f52d98d9a0d1d343a539689ea14acf99e148cf8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2363dbe7bb6a459853d8d19cab50e70b
ded76de1dd453e40dbf6eaa8607cf19fac7f71a4
f96da6354cec52143768014c36ba2b298224a58b0bf38bd2aa5f3bfce69d8670
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7447
x-amzn-requestid: dd3543b7-4e6b-4605-acea-a21d39af02ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qSFjAIAMF7HQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce41-56e2ccc63669032d70cba0ba;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AYaeawnEmwHkyx3h-yliVx-ARcRB3W5kbtFH5tARnL3YMD6e4WYAQw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 57948
etag: "ded76de1dd453e40dbf6eaa8607cf19fac7f71a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.166.29200 OK 33 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.166.29:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash daff0af6a7c44c59f559e7d4f6afc642
8f2195a820eaae5a7c056917a1d4a96c7ac8f0af
f0f4c65dcaccac9fbb0049b5db8efe899f3a64172059082e4f66e70aebb88492
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:49 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 353541a1a30d9edef1a653002795bf49
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 14 Jan 2023 13:54:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRSYaKBO%2F5%2B8tqajSDyiMzsDyZm2fTJYb3kinkTnZja9dYU2cHeb87ac7zcUdHH2tbApMIGsLJ4jiW8qhy0c6rxD90qNNjrOf1yog1HByzEs9FC6ANXWNhvvgqqrF1aDTJg99AE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dd9fcea57332-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8592f0941d780eadabee41338044f144
4e1adaa9f4a75071682e5d7e22dd7c5a00123f53
5d1e0d699dfa4830462757cd2df0d0b28a512604dd30a77bd8d3d4db1ca578db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D1E0D699DFA4830462757CD2DF0D0B28A512604DD30A77BD8D3D4DB1CA578DB"
Last-Modified: Thu, 12 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4942
Expires: Sat, 14 Jan 2023 15:17:11 GMT
Date: Sat, 14 Jan 2023 13:54:49 GMT
Connection: keep-alive
www.webercountyutah.gov/Surveyor/images/maps-min.jpeg
204.152.132.23200 OK 1.2 MB URL HTTP/1.1 www.webercountyutah.gov/Surveyor/images/maps-min.jpeg
IP 204.152.132.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 5472x3648, components 3\012- data
Size 1.2 MB (1219819 bytes)
Hash 0e24fb6105679a1cfeb88798da73647d
db2df2d72f275122d96d8b706a31d83c8c8c8ea3
5850f165f551f14095ac851523e9d04596d760f4fae4efe8bb8a7a904789ba7f
GET /Surveyor/images/maps-min.jpeg HTTP/1.1
Host: www.webercountyutah.gov
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 13:54:47 GMT
Server: Apache
Last-Modified: Tue, 21 Feb 2017 22:31:32 GMT
ETag: "129ceb-54911f11c7900"
Accept-Ranges: none
Content-Length: 1219819
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
planesknob.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTiIehIAaEAVhDh4MuJPqnpmdaXMQ17iyGDdLEtlzdVX1bLk1XU1V9fTsQmAxIPE2HgSPvd%2FsZlGDGBBvosx6CXvKeJA9uP9AEETxKDM7MvgO%2Fd73vi743vfeJ%2FvFGaEo2OnGB2ZXac2uteq09vqmyoQpXW39bi2kdXq9tqmy5eb12mD6sf03Q9qq06u19yTfNtciGlIa0rC2qqxMzeDajIXKH8VhPab1ZlQPW00M7P%2BxKwI4FkD0z8gLUGLyzNaTx1B8jKz37Q3ptr3J33i3V2jmjUVfHH2YbWemzNBblKkNkGZH879h3ISQLy7AZEfzCWD6B9MJkKgJCX4NkWRHc5lI%2BofnShMNmSERz6HsjyH1GIqNwc19KPGUAFxg%2FRay3sN1Y0u2c86yKTshl%2F7%2BE6qckEu%2FXUHW%2B2ZFq0HtjtGFVyZzGKQV1GAM1R0jL47hdwOo8hjcfwwlCLJeBSVOX2u1Y0EbUXNJhp1kqRmLxhLrNMKllMdRK5StTpjSmTVKjaHSMbQcgrmLKFyAQgUo0gBFHqAnTmusFaeUttMkbTQ6Tc55o8F5q7MsWqLR7KQUBZ9qH8LnQ3A9BLd7yO0ettUQtvgJbquCEwGcJ%2BiLCqUkKB1ByQhKRVB6grJfHQrtIlc9FNoVSTjP0Tw3qpHx3X12aHxXZmQ%2FPyPPzwz7%2FcV72JanNRZ3Qs5jmkTLYbTME8lYFIlOJ10O2x1GIzhVQbkLYC7ArpqQK%2Fc%2BRT7dYv9zJOwYTh%2BDq4tgxatg5agdUbCtUbNDsZt97y3jXgqvWD2TXqt0p87yHMJUyP0l%2BJ1gX5%2BRl2eK6v8sQfITMg9wWyG3FT5SPxN09YPRbVOSg9umdOTxrdyrntpl0%2FXe8czL4Kv35U5prFi74YZfvs2nxLR8dFc6f5NlQmVdR75eUUJIu2osl%2BSHNbcpk43Cba0UNivymxvvrK71ciudUyYbg6mnly%2BDqwl59slfs8N96ewVKDuGLSr0ioVSZY7B8z24fNFzhsDqBU7yAGVRjWyULJpaEWi5wCyp4OTJj3%2F892hR77sH6NoAzN%2BfnWvfVujrCkwP4YqLI5%2Fbk7d%2BacwCiQ5GibbBQaKt%2FuzcWqdOa7KV0lTSSCZpnKRtRkWcNuOExaFsJy0WwrsJH3939V8AAAD%2F%2FwEAAP%2F%2Fh9C8yZAEAAA%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 planesknob.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTiIehIAaEAVhDh4MuJPqnpmdaXMQ17iyGDdLEtlzdVX1bLk1XU1V9fTsQmAxIPE2HgSPvd%2FsZlGDGBBvosx6CXvKeJA9uP9AEETxKDM7MvgO%2Fd73vi743vfeJ%2FvFGaEo2OnGB2ZXac2uteq09vqmyoQpXW39bi2kdXq9tqmy5eb12mD6sf03Q9qq06u19yTfNtciGlIa0rC2qqxMzeDajIXKH8VhPab1ZlQPW00M7P%2BxKwI4FkD0z8gLUGLyzNaTx1B8jKz37Q3ptr3J33i3V2jmjUVfHH2YbWemzNBblKkNkGZH879h3ISQLy7AZEfzCWD6B9MJkKgJCX4NkWRHc5lI%2BofnShMNmSERz6HsjyH1GIqNwc19KPGUAFxg%2FRay3sN1Y0u2c86yKTshl%2F7%2BE6qckEu%2FXUHW%2B2ZFq0HtjtGFVyZzGKQV1GAM1R0jL47hdwOo8hjcfwwlCLJeBSVOX2u1Y0EbUXNJhp1kqRmLxhLrNMKllMdRK5StTpjSmTVKjaHSMbQcgrmLKFyAQgUo0gBFHqAnTmusFaeUttMkbTQ6Tc55o8F5q7MsWqLR7KQUBZ9qH8LnQ3A9BLd7yO0ettUQtvgJbquCEwGcJ%2BiLCqUkKB1ByQhKRVB6grJfHQrtIlc9FNoVSTjP0Tw3qpHx3X12aHxXZmQ%2FPyPPzwz7%2FcV72JanNRZ3Qs5jmkTLYbTME8lYFIlOJ10O2x1GIzhVQbkLYC7ArpqQK%2Fc%2BRT7dYv9zJOwYTh%2BDq4tgxatg5agdUbCtUbNDsZt97y3jXgqvWD2TXqt0p87yHMJUyP0l%2BJ1gX5%2BRl2eK6v8sQfITMg9wWyG3FT5SPxN09YPRbVOSg9umdOTxrdyrntpl0%2FXe8czL4Kv35U5prFi74YZfvs2nxLR8dFc6f5NlQmVdR75eUUJIu2osl%2BSHNbcpk43Cba0UNivymxvvrK71ciudUyYbg6mnly%2BDqwl59slfs8N96ewVKDuGLSr0ioVSZY7B8z24fNFzhsDqBU7yAGVRjWyULJpaEWi5wCyp4OTJj3%2F892hR77sH6NoAzN%2BfnWvfVujrCkwP4YqLI5%2Fbk7d%2BacwCiQ5GibbBQaKt%2FuzcWqdOa7KV0lTSSCZpnKRtRkWcNuOExaFsJy0WwrsJH3939V8AAAD%2F%2FwEAAP%2F%2Fh9C8yZAEAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuTiIehIAaEAVhDh4MuJPqnpmdaXMQ17iyGDdLEtlzdVX1bLk1XU1V9fTsQmAxIPE2HgSPvd%2FsZlGDGBBvosx6CXvKeJA9uP9AEETxKDM7MvgO%2Fd73vi743vfeJ%2FvFGaEo2OnGB2ZXac2uteq09vqmyoQpXW39bi2kdXq9tqmy5eb12mD6sf03Q9qq06u19yTfNtciGlIa0rC2qqxMzeDajIXKH8VhPab1ZlQPW00M7P%2BxKwI4FkD0z8gLUGLyzNaTx1B8jKz37Q3ptr3J33i3V2jmjUVfHH2YbWemzNBblKkNkGZH879h3ISQLy7AZEfzCWD6B9MJkKgJCX4NkWRHc5lI%2BofnShMNmSERz6HsjyH1GIqNwc19KPGUAFxg%2FRay3sN1Y0u2c86yKTshl%2F7%2BE6qckEu%2FXUHW%2B2ZFq0HtjtGFVyZzGKQV1GAM1R0jL47hdwOo8hjcfwwlCLJeBSVOX2u1Y0EbUXNJhp1kqRmLxhLrNMKllMdRK5StTpjSmTVKjaHSMbQcgrmLKFyAQgUo0gBFHqAnTmusFaeUttMkbTQ6Tc55o8F5q7MsWqLR7KQUBZ9qH8LnQ3A9BLd7yO0ettUQtvgJbquCEwGcJ%2BiLCqUkKB1ByQhKRVB6grJfHQrtIlc9FNoVSTjP0Tw3qpHx3X12aHxXZmQ%2FPyPPzwz7%2FcV72JanNRZ3Qs5jmkTLYbTME8lYFIlOJ10O2x1GIzhVQbkLYC7ArpqQK%2Fc%2BRT7dYv9zJOwYTh%2BDq4tgxatg5agdUbCtUbNDsZt97y3jXgqvWD2TXqt0p87yHMJUyP0l%2BJ1gX5%2BRl2eK6v8sQfITMg9wWyG3FT5SPxN09YPRbVOSg9umdOTxrdyrntpl0%2FXe8czL4Kv35U5prFi74YZfvs2nxLR8dFc6f5NlQmVdR75eUUJIu2osl%2BSHNbcpk43Cba0UNivymxvvrK71ciudUyYbg6mnly%2BDqwl59slfs8N96ewVKDuGLSr0ioVSZY7B8z24fNFzhsDqBU7yAGVRjWyULJpaEWi5wCyp4OTJj3%2F892hR77sH6NoAzN%2BfnWvfVujrCkwP4YqLI5%2Fbk7d%2BacwCiQ5GibbBQaKt%2FuzcWqdOa7KV0lTSSCZpnKRtRkWcNuOExaFsJy0WwrsJH3939V8AAAD%2F%2FwEAAP%2F%2Fh9C8yZAEAAA%3D HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Cookie: u_pl=15537021; uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca981cc90b26126cbeaa22d88f6178a02=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:49 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dddf9c28cd6fdc5ecef925a4c43d8062
Strict-Transport-Security: max-age=0; includeSubdomains
jamesashpe.netlify.app/wp-includes/css/dist/block-library/style.min.css
34.141.11.154200 OK 7.5 kB URL HTTP/2 jamesashpe.netlify.app/wp-includes/css/dist/block-library/style.min.css
IP 34.141.11.154:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (748)
Hash 4b2744199f91b37c935a21577673b6f4
852f4f09059ff15dab69d8a2212ffd1e57bf279a
f190c9a4678c7ef09658f70b03705a8949e3f3032769b611e54e15add142852e
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: "4f2b9fa5c9451923cc00cb8a3bbea70e-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZF0YHV5HEVKQ22ZT3X2Q
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
45.133.44.3200 OK 2.1 kB URL HTTP/2 cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash 0f003c000b241b4d623b41bca9266f9d
c84ae52bfa329a0f29c2ec90927e103894d5186a
2faf51b5585b6631dedef89897fe29bd5e5d33c72f9792e5a0a73efab83cacb2
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 12 Aug 2021 09:54:31 GMT
etag: W/"6114efd7-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 14 Jan 2023 14:54:50 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71dc75959e5d27c471828d47c5ca1fa6
98f8d62776c7d9238dde522cc43ae93378fc5ad8
a8974a4692e39485433c04e08694d4b415d61bd7dccf04ec5ae1a4c2bde68906
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A8974A4692E39485433C04E08694D4B415D61BD7DCCF04EC5AE1A4C2BDE68906"
Last-Modified: Thu, 12 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15879
Expires: Sat, 14 Jan 2023 18:19:29 GMT
Date: Sat, 14 Jan 2023 13:54:50 GMT
Connection: keep-alive
planesknob.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=159
173.233.137.60200 OK 0 B URL HTTP/1.1 planesknob.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=159
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=159 HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Cookie: u_pl=15537021; uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca981cc90b26126cbeaa22d88f6178a02=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ee91bceff4762f05347e6f877f4c022d
2edfb34c52e733032730b7ba650ddaef37132981
f8c5ae8865299b88431ced85bffd678fc5e9d46966a505f08e4a0d37f02768ad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 18:34:09 GMT
Expires: Fri, 20 Jan 2023 18:34:08 GMT
Etag: "2edfb34c52e733032730b7ba650ddaef37132981"
Cache-Control: max-age=534557,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7896dda6fe80b4ff-OSL
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
172.64.167.9200 OK 65 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
IP 172.64.167.9:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3\012- data
Hash 61f7b1fa1698507638df7882e2bdfcaf
89134af9a734f4c30d0db01ea36c86895e46b7e3
bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: "6114ef76-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5184169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF%2BBucwKqbZOxJbuHAWxmkrrZxeFl%2FIKumP%2BcmTvUUovHaUj2Dvp%2F4rdYL5sjLxVu0MX2D9J4sYCQ8L2%2BiHAZ2HrDrMY0ChFpCWZkeE6mVtC03%2Fl%2FuRZhCBQ3wlpyv8WghGakXpYMdvp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dda83d390682-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 1.0 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 51d54570520fe2450e5ad19a5206a62b
41222ebfefcbafb88608bcd5691c2a7c32548a27
c6743ad456a599b8109ce4c0ac38c947d34eafc6d1e4b693550abdb243d71ec2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A8974A4692E39485433C04E08694D4B415D61BD7DCCF04EC5AE1A4C2BDE68906"
Last-Modified: Thu, 12 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15879
Expires: Sat, 14 Jan 2023 18:19:29 GMT
Date: Sat, 14 Jan 2023 13:54:50 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
172.64.167.9200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
IP 172.64.167.9:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:53 GMT
etag: W/"6114ef75-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFFhb0G34zI6SGyvjNk4JaJhM7Lu8AgfzsM0z2wev%2BIFV4Y9QWUW6t5SlbHX75ChbxTBYXBNrl5f9eHQDqSxU5hUc%2Fz6G8bpFZlMWD26KOsiummRMV%2BiZixr%2FdXV6o11oGQNGOuRdn8k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dda80d0f0682-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
172.64.167.9200 OK 1.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
IP 172.64.167.9:0
Hash 470cbc16b710d872c9cba23c0fd5a3dc
811d6187a4bd3df90912046304966a31af960f99
323c79ec80ce3e58e119b41d15b298651dcd303ae92f8c195c8c8d4766e97a7b
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:52 GMT
etag: W/"6114ef74-e68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAGcruCuRidUFRofaPp0%2B%2Bb3%2B9HeQIjaWMnZyFxKlLcxPt7tB%2FNkM2rw7vxdGB7R3UpiLxAaCOm4y0Mr5vRqcncO0UhYms2%2FQZoFuTzD0J2ZYL3VNc9PoBMtBvG6nCPLP7D6XX1ZwIba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dda80d150682-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:33:54 GMT
expires: Thu, 11 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 238856
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:13 GMT
expires: Sat, 13 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 87697
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5af6ce798e809281853e1ff953524bc2
e294a7ea02967fc2486d8f028479bc0ec8dcc3b0
ad9749ffa451026d871118eaeb937a0a79b866551510fa0bd0635b683e57146b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD9749FFA451026D871118EAEB937A0A79B866551510FA0BD0635B683E57146B"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4598
Expires: Sat, 14 Jan 2023 15:11:28 GMT
Date: Sat, 14 Jan 2023 13:54:50 GMT
Connection: keep-alive
planesknob.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIehIAaEAVhDh4MuJP%2BMbPTYw7iGlcW42ZJInuurqqeLbemq6mqnp5dCCwGJN7Gg%2BCx95vdLGoQA%2BJNlF4vYU8ZD7IH9z8QBFE8ysyODL5Dv%2Fe9rwu%2B9733yX5xRnwU9HTjA70rlaLX2k2%2F8fqmzLgubWP9biPwm%2F71xqbMllvXG8PpxwzeDPx207%2FaeE%2BwbX0t9APfD%2FygsSqNSPXw2oyFzB91g2bXb7bCZtBuYWj%2Bj23hwVIPfHBGXoDkk2e2njyGZDWy%2Frc3hN12On%2Fj3X6hqNMGA370Ybad6TJDf1GmxkOaHc3%2FhrYTQr64AJ0dzSeAHhxMJ0AiJ8T7NUCSHc1lIhkcnitNFESGhD%2BHclBDqBqS1mD6PiR%2FSgDGsX4LWf%2FhujYl3Tln6ZSdkEt%2F%2FwlZTsil364g63%2BzouSwcUerwkmdWQzTCnJYQ%2FZq5MUx3K4HWR6DuY8hOUHWryD56WvtTpf7UdhaEkGcLLW6PFqicRQspawbtgPRjoPUn1kjZQ2Z1lBiBGovorAeCumhSD0UuYc%2BP23Qdjf1%2FU6apFEUtxhjUcRYO17mbR614tRHwabaR3D5CEyNwMwecrOHbTmCKX6C3apguQfrCAa8QikISktQUoJSEpSOoBxUh1zZ0FYPubJFEsxzOM9RNdaut08PteuJjOznZ%2BT5mWG%2Fv3gP2%2BK0QbtxwFjXT8LlIFxmiaA0DHkcp8tBJ6Z%2BCCsrSHsB1HrYlRNy5d6nyKdbHHyOhB7DqmMweRG0eBW0HHdCH3Rr3Ip97GbfO0OZE9xJ2syEUzLdadI8B9cVcncJbsfbV2fk5Zmi5j9LEOyEzAPMVMhNhY%2FkzwQ99WB8W5fk4LYuLXl8K3eyL3fpdL13HHXC%2B%2Bp9sVNqw9du2NGXb7MpMS0f3RXW3aQZl1nPkq9XJOfCrGrDBPlhzW6KZKOwWyuFyYr85sY7q2v93Ahrpc5qUPn08mUwOSHPPvlrdrgvnb0CaWqYokK%2FWCiV%2Bhgs34PNFz2rCYxa4CT3UBbV2ITJoqkkgRILTJMKVpz8%2BMd%2Fjxb1vn2AnvFA3f3ZuQ5MhYGqQNUItrg4drk5eeuXaBZIlDdOlPEOEmXUZ%2BfWWnnaaActESdxh3GeCMaDThjFke%2BHnLc6XRF04eyE1d9d%2FRcAAP%2F%2FAQAA%2F%2F%2BT2DIvkAQAAA%3D%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 planesknob.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIehIAaEAVhDh4MuJP%2BMbPTYw7iGlcW42ZJInuurqqeLbemq6mqnp5dCCwGJN7Gg%2BCx95vdLGoQA%2BJNlF4vYU8ZD7IH9z8QBFE8ysyODL5Dv%2Fe9rwu%2B9733yX5xRnwU9HTjA70rlaLX2k2%2F8fqmzLgubWP9biPwm%2F71xqbMllvXG8PpxwzeDPx207%2FaeE%2BwbX0t9APfD%2FygsSqNSPXw2oyFzB91g2bXb7bCZtBuYWj%2Bj23hwVIPfHBGXoDkk2e2njyGZDWy%2Frc3hN12On%2Fj3X6hqNMGA370Ybad6TJDf1GmxkOaHc3%2FhrYTQr64AJ0dzSeAHhxMJ0AiJ8T7NUCSHc1lIhkcnitNFESGhD%2BHclBDqBqS1mD6PiR%2FSgDGsX4LWf%2FhujYl3Tln6ZSdkEt%2F%2FwlZTsil364g63%2BzouSwcUerwkmdWQzTCnJYQ%2FZq5MUx3K4HWR6DuY8hOUHWryD56WvtTpf7UdhaEkGcLLW6PFqicRQspawbtgPRjoPUn1kjZQ2Z1lBiBGovorAeCumhSD0UuYc%2BP23Qdjf1%2FU6apFEUtxhjUcRYO17mbR614tRHwabaR3D5CEyNwMwecrOHbTmCKX6C3apguQfrCAa8QikISktQUoJSEpSOoBxUh1zZ0FYPubJFEsxzOM9RNdaut08PteuJjOznZ%2BT5mWG%2Fv3gP2%2BK0QbtxwFjXT8LlIFxmiaA0DHkcp8tBJ6Z%2BCCsrSHsB1HrYlRNy5d6nyKdbHHyOhB7DqmMweRG0eBW0HHdCH3Rr3Ip97GbfO0OZE9xJ2syEUzLdadI8B9cVcncJbsfbV2fk5Zmi5j9LEOyEzAPMVMhNhY%2FkzwQ99WB8W5fk4LYuLXl8K3eyL3fpdL13HHXC%2B%2Bp9sVNqw9du2NGXb7MpMS0f3RXW3aQZl1nPkq9XJOfCrGrDBPlhzW6KZKOwWyuFyYr85sY7q2v93Ahrpc5qUPn08mUwOSHPPvlrdrgvnb0CaWqYokK%2FWCiV%2Bhgs34PNFz2rCYxa4CT3UBbV2ITJoqkkgRILTJMKVpz8%2BMd%2Fjxb1vn2AnvFA3f3ZuQ5MhYGqQNUItrg4drk5eeuXaBZIlDdOlPEOEmXUZ%2BfWWnnaaActESdxh3GeCMaDThjFke%2BHnLc6XRF04eyE1d9d%2FRcAAP%2F%2FAQAA%2F%2F%2BT2DIvkAQAAA%3D%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTiIehIAaEAVhDh4MuJP%2BMbPTYw7iGlcW42ZJInuurqqeLbemq6mqnp5dCCwGJN7Gg%2BCx95vdLGoQA%2BJNlF4vYU8ZD7IH9z8QBFE8ysyODL5Dv%2Fe9rwu%2B9733yX5xRnwU9HTjA70rlaLX2k2%2F8fqmzLgubWP9biPwm%2F71xqbMllvXG8PpxwzeDPx207%2FaeE%2BwbX0t9APfD%2FygsSqNSPXw2oyFzB91g2bXb7bCZtBuYWj%2Bj23hwVIPfHBGXoDkk2e2njyGZDWy%2Frc3hN12On%2Fj3X6hqNMGA370Ybad6TJDf1GmxkOaHc3%2FhrYTQr64AJ0dzSeAHhxMJ0AiJ8T7NUCSHc1lIhkcnitNFESGhD%2BHclBDqBqS1mD6PiR%2FSgDGsX4LWf%2FhujYl3Tln6ZSdkEt%2F%2FwlZTsil364g63%2BzouSwcUerwkmdWQzTCnJYQ%2FZq5MUx3K4HWR6DuY8hOUHWryD56WvtTpf7UdhaEkGcLLW6PFqicRQspawbtgPRjoPUn1kjZQ2Z1lBiBGovorAeCumhSD0UuYc%2BP23Qdjf1%2FU6apFEUtxhjUcRYO17mbR614tRHwabaR3D5CEyNwMwecrOHbTmCKX6C3apguQfrCAa8QikISktQUoJSEpSOoBxUh1zZ0FYPubJFEsxzOM9RNdaut08PteuJjOznZ%2BT5mWG%2Fv3gP2%2BK0QbtxwFjXT8LlIFxmiaA0DHkcp8tBJ6Z%2BCCsrSHsB1HrYlRNy5d6nyKdbHHyOhB7DqmMweRG0eBW0HHdCH3Rr3Ip97GbfO0OZE9xJ2syEUzLdadI8B9cVcncJbsfbV2fk5Zmi5j9LEOyEzAPMVMhNhY%2FkzwQ99WB8W5fk4LYuLXl8K3eyL3fpdL13HHXC%2B%2Bp9sVNqw9du2NGXb7MpMS0f3RXW3aQZl1nPkq9XJOfCrGrDBPlhzW6KZKOwWyuFyYr85sY7q2v93Ahrpc5qUPn08mUwOSHPPvlrdrgvnb0CaWqYokK%2FWCiV%2Bhgs34PNFz2rCYxa4CT3UBbV2ITJoqkkgRILTJMKVpz8%2BMd%2Fjxb1vn2AnvFA3f3ZuQ5MhYGqQNUItrg4drk5eeuXaBZIlDdOlPEOEmXUZ%2BfWWnnaaActESdxh3GeCMaDThjFke%2BHnLc6XRF04eyE1d9d%2FRcAAP%2F%2FAQAA%2F%2F%2BT2DIvkAQAAA%3D%3D HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Cookie: u_pl=15537021; uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca981cc90b26126cbeaa22d88f6178a02=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f63933e4752b69514cc6397b83b14027
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
172.64.167.9200 OK 189 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
IP 172.64.167.9:0
Hash e92fccb89580145c885f0359badbd628
bed02f01f78b1f585462796e01527a268ac7f24c
f9fdf22943d31068189a6e1329d6bc9bf9ebc39b5ce4ccbd1d3a2f99f82a0597
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: W/"6114ef76-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=503hsWqLtoT%2FEd%2B3948a0Oo%2F62DU9wpVr4h91hqOm%2B2Q1WJIV40ASX1DjUFApqVoVxhAv6Ac0%2BLuymPxTT1vAoATMqWz3DpJKLRFwgiExooztpePkqfddmy6eTyxwEIij6kxSy7YeUCB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7896dda80d140682-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
planesknob.com/pixel/sbs?c=1
173.233.137.60200 OK 0 B URL HTTP/1.1 planesknob.com/pixel/sbs?c=1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: planesknob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Cookie: u_pl=15537021; uid_id2=579d0324-e18b-49d3-a831-fc9251e581f0:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca981cc90b26126cbeaa22d88f6178a02=[3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a981cc90b26126cbeaa22d88f6178a02&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a981cc90b26126cbeaa22d88f6178a02&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=a981cc90b26126cbeaa22d88f6178a02&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5f1e5a083f2a2c826794331dc48a057
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3914ae10bf633009de6069ed0bb8ca33&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3914ae10bf633009de6069ed0bb8ca33&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=61fc771f-056a-4be9-83ac-def34161a059&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3914ae10bf633009de6069ed0bb8ca33&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 13:54:50 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b2a37342aefcb46f7a7b837d95e3f139
Strict-Transport-Security: max-age=0; includeSubdomains
www.statcounter.com/counter/counter.js
104.20.218.77200 OK 0 B URL HTTP/2 www.statcounter.com/counter/counter.js
IP 104.20.218.77:0
GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 12 Jan 2023 22:04:39 GMT
etag: W/"63c083f7-aa70"
expires: Sat, 14 Jan 2023 22:51:43 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 10987
server: cloudflare
cf-ray: 7896dda83d32fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
jamesashpe.netlify.app/wp-content/themes/iconic-one/style.css
34.141.11.154200 OK 0 B URL HTTP/2 jamesashpe.netlify.app/wp-content/themes/iconic-one/style.css
IP 34.141.11.154:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/iconic-one/style.css HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: "98fe9bba1d65a0128ffc51448c70c26c-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZF13VN27TSTVAY2A31E6
X-Firefox-Spdy: h2
jamesashpe.netlify.app/wp-content/themes/iconic-one/js/selectnav.js
34.141.11.154200 OK 0 B URL HTTP/2 jamesashpe.netlify.app/wp-content/themes/iconic-one/js/selectnav.js
IP 34.141.11.154:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/iconic-one/js/selectnav.js HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: "2e68f43ca5f7aefdc4917a22d9ef385b-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZF1KYJ0XZPNG7WDC3NA8
X-Firefox-Spdy: h2
jamesashpe.netlify.app/wp-content/themes/iconic-one/custom.css
34.141.11.154404 Not Found 0 B URL HTTP/2 jamesashpe.netlify.app/wp-content/themes/iconic-one/custom.css
IP 34.141.11.154:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/themes/iconic-one/custom.css HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/weber-county-plat-maps/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
age: 1
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 14 Jan 2023 13:54:48 GMT
etag: 1592756346-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZF14CJ3W6D876E2RNMWV
X-Firefox-Spdy: h2
c.statcounter.com/t.php?sc_project=12357737&u1=0947A8060D954FBCE4F9045F10F56C4B&java=1&security=faac8bec&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//jamesashpe.netlify.app/weber-county-plat-maps/&t=Weber%20County%20Plat%20Maps%20%E2%80%93%20Map%20Of%20California%20Coast%20Cities&invisible=1&sc_rum_e_s=3069&sc_rum_e_e=3074&sc_rum_f_s=0&sc_rum_f_e=3061&get_config=true
104.20.218.77200 OK 0 B URL HTTP/2 c.statcounter.com/t.php?sc_project=12357737&u1=0947A8060D954FBCE4F9045F10F56C4B&java=1&security=faac8bec&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//jamesashpe.netlify.app/weber-county-plat-maps/&t=Weber%20County%20Plat%20Maps%20%E2%80%93%20Map%20Of%20California%20Coast%20Cities&invisible=1&sc_rum_e_s=3069&sc_rum_e_e=3074&sc_rum_f_s=0&sc_rum_f_e=3061&get_config=true
IP 104.20.218.77:0
GET /t.php?sc_project=12357737&u1=0947A8060D954FBCE4F9045F10F56C4B&java=1&security=faac8bec&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//jamesashpe.netlify.app/weber-county-plat-maps/&t=Weber%20County%20Plat%20Maps%20%E2%80%93%20Map%20Of%20California%20Coast%20Cities&invisible=1&sc_rum_e_s=3069&sc_rum_e_e=3074&sc_rum_f_s=0&sc_rum_f_e=3061&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jamesashpe.netlify.app
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 13:54:51 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc12357737.1673704491.0; SameSite=None; Secure; Expires=Thursday, 13-Jan-2028 19:24:51 IST; Path=/; Domain=.statcounter.com
is_visitor_unique=1673704491150439015; SameSite=None; Secure; Expires=Monday, 13-Jan-2025 19:24:51 IST; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://jamesashpe.netlify.app
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7896ddac88e8fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
jamesashpe.netlify.app/weber-county-plat-maps/
34.141.11.154200 OK 0 B URL HTTP/2 jamesashpe.netlify.app/weber-county-plat-maps/
IP 34.141.11.154:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /weber-county-plat-maps/ HTTP/1.1
Host: jamesashpe.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 14 Jan 2023 13:54:47 GMT
etag: "2d817c2cc1563d044fca271a7aa055e1-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GPR8ZERZ68XQM3K3V9WV976Y
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext
IP 142.250.74.74:0
GET /css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jamesashpe.netlify.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jan 2023 13:54:48 GMT
date: Sat, 14 Jan 2023 13:54:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2